package com.stu.initconfig.interceptor;

import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;

import javax.servlet.http.HttpServletRequest;

import org.apache.struts2.ServletActionContext;
import org.springframework.context.ApplicationContext;
import org.springframework.web.context.support.WebApplicationContextUtils;

import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.MethodFilterInterceptor;
import com.stu.entity.permission.PermissionAuth;
import com.stu.entity.permission.PermissionUser;
import com.stu.entity.permission.User;
import com.stu.service.permission.IPermissionAuthService;
import com.stu.service.permission.IPermissionUserService;
import com.stu.utils.CommonUtils;

/**
 * 权限拦截器(拦截除系统管理员以外的用户登录操作)
 * 
 */
public class AuthInterceptor extends MethodFilterInterceptor {

	/**
	 * 
	 */
	private static final long serialVersionUID = 1L;

	private static ApplicationContext ctx = null;

	@Override
	protected String doIntercept(ActionInvocation actionInvocation) throws Exception {
//		SessionInfo sessionInfo = CommonUtils.getSessionInfo();
//		if (sessionInfo.getUserId().equals("0")) {// admin用户不需要验证权限
//			return actionInvocation.invoke();
//		} else {
//			HttpServletRequest request = ServletActionContext.getRequest();
//
//			String requestPath = CommonUtils.getRequestPath(request);
//
//			// 每个请求过来与数据库中的权限进行比对
//			ctx = WebApplicationContextUtils.getWebApplicationContext(ServletActionContext.getServletContext());
//			IRightAuthService rightAuthService = (IRightAuthService) ctx.getBean("rightAuthService");
//			HqlFilter filter = new HqlFilter();
//			filter.addFilter("QUERY_t#url_S_EQ", requestPath);
//			List<RightAuth> auths = rightAuthService.find(filter);
//			if (auths.size() == 0) {// 如果该请求没有设置权限不予处理
//				return actionInvocation.invoke();
//			} else {
//				IRightUserService rightUserService = (IRightUserService) ctx.getBean("rightUserService");
//				RightUser user = rightUserService.getById(sessionInfo.getUserId());
//				Iterator<RightAuth> iter = user.genAuths().iterator();
//				while (iter.hasNext()) {
//					RightAuth auth = iter.next();
//					if (auth.getUrl().equals(requestPath))
//						return actionInvocation.invoke();
//				}
//				ServletActionContext.getRequest().setAttribute("msg", "您没有访问此功能的权限！请联系管理员给你赋予相应权限。");
//				return "noAuth";
//
//			}
//		}
		
		User currentUser=CommonUtils.getCurrentUser("");
		if(null!=currentUser&&"0".equals(currentUser.getUuid()+"")){//如果 id 是 0 ， 默认超级管理员，拥有所有权限
			return actionInvocation.invoke();
		}else{
			HttpServletRequest request=ServletActionContext.getRequest();
			String requestPath=CommonUtils.getRequestPath(request);
			ctx=WebApplicationContextUtils.getWebApplicationContext(ServletActionContext.getServletContext());
			IPermissionAuthService authService=(IPermissionAuthService)ctx.getBean("permissionAuthService");
			String hql="FROM PermissionAuth ";
			Map<String,Object>params=new HashMap<String, Object>();
			params.put("url", requestPath);
			List<PermissionAuth> auths = authService.find(hql, params);
			if (auths.size() == 0) {// 如果该请求没有设置权限不予处理
				return actionInvocation.invoke();
			} else {//如果请求设置了权限，找到当前用户，遍历权限 看是否拥有权限
				IPermissionUserService permissionUserService = (IPermissionUserService) ctx.getBean("permissionUserService");
				PermissionUser user = permissionUserService.findById(currentUser.getUuid());
				Iterator<PermissionAuth> iter = user.genAuths().iterator();
				while (iter.hasNext()) {
					PermissionAuth auth = iter.next();
					if (auth.getUrl().equals(requestPath))
						return actionInvocation.invoke();
				}
				ServletActionContext.getRequest().setAttribute("msg", "您没有访问此功能的权限！请联系管理员给你赋予相应权限。");
				return "noAuth";
			}
		}
		
	}

}
